How to enable sftp logging in macOS Monterey and Ventura?

Question

blacksunix Author

Level 1

5 points

How to enable sftp logging in macOS Monterey and Ventura?

I'd like to enable logging of ssh and sftp logins and file transfers.

After perusing the man page for sftp-server, I tried uncommenting the line in /etc/ssh/sshd_config:

#Subsystem sftp /usr/libexec/sftp-server

and modifying it to:

Subsystem sftp /usr/libexec/sftp-server -f AUTH -l DEBUG

After restarting (altho I shouldn't need to), ssh/sftp no longer functions:

▶ ssh user@mymac.lan

kex_exchange_identification: read: Connection reset by peer

Connection reset by <server IP address on lan> port 22

When that line is commented out, ssh/sftp is restored (no restart req'd)

I did try adding this to /etc/syslog.conf:

auth.*

But to no avail.

Watched syslog during attempts to enable logging, but no errors were generated.

Can anyone help out?

iMac 27″

Posted on Sep 15, 2023 4:45 PM

Reply

Answer 1

BobHarris

Level 9

57,041 points

Sep 15, 2023 5:31 PM in response to blacksunix

System Settings-> General-> Sharing-> Remote Login -> enable

Then cluck on the (i) button next to the enable, and specify who can use the service.

you may need to give sshd-keygen-wrapper full disk access

Reply

Answer 2

blacksunix Author

Level 1

5 points

Sep 15, 2023 5:50 PM in response to BobHarris

Bob, I know how to enable ssh/start the ssh service. That's not the issue. I want to have ssh/sftp logins and actions taken by a user during an ssh or sftp session show in the syslog (or any log for that matter). This does not happen in the stock setup and when you attempt to enable this as suggested on the man page for sftp-server, it breaks the ssh service with no error msgs in the stem log - as noted above.

Reply

How to enable sftp logging in macOS Monterey and Ventura?

Similar questions